[Bug] Cyber classifier false positives triggered by infrastructure terms in workspace context

Resolved 💬 2 comments Opened Jun 10, 2026 by chadcai-debug Closed Jun 13, 2026

Bug Description
Benign request ("set a reminder") triggered cyber classifier fallback. Root cause appears to be workspace context (CLAUDE.md + skills containing infra terms: nginx, JWT, ports), not message content. Every request in this workspace flags.

Environment Info

  • Platform: darwin
  • Terminal: iTerm.app
  • Version: 2.1.170
  • Feedback ID: 28742ca6-494a-4dba-ac7b-64670ea66630

Errors

[{"error":"Error: 403 {\"error\":{\"type\":\"forbidden\",\"message\":\"Request not allowed\"}}\n    at generate (/$bunfs/root/src/entrypoints/cli.js:11:68180)\n    at makeRequest (/$bunfs/root/src/entrypoints/cli.js:51:7694)\n    at processTicksAndRejections (native:7:39)","timestamp":"2026-06-10T01:54:03.422Z"},{"error":"Error: 403 {\"error\":{\"type\":\"forbidden\",\"message\":\"Request not allowed\"}}\n    at generate (/$bunfs/root/src/entrypoints/cli.js:11:68180)\n    at makeRequest (/$bunfs/root/src/entrypoints/cli.js:51:7694)\n    at processTicksAndRejections (native:7:39)","timestamp":"2026-06-10T01:57:04.103Z"},{"error":"Error: 403 {\"error\":{\"type\":\"forbidden\",\"message\":\"Request not allowed\"}}\n    at generate (/$bunfs/root/src/entrypoints/cli.js:11:68180)\n    at makeRequest (/$bunfs/root/src/entrypoints/cli.js:51:7694)\n    at processTicksAndRejections (native:7:39)","timestamp":"2026-06-10T01:57:57.774Z"}]

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗